<?php
	/* user registration script for the registration_form.php page */

	//start the session
	session_start();

	//check that the form has been submitted
	if(isset($_POST['submit']) && $_POST['username'] != '' && $_POST['email'] !='' && $_POST['pword'] != '' && $_POST['confirm_pword'] !='')
	{	
		$username = htmlentities($_POST['username'], ENT_QUOTES);
		$email = htmlentities($_POST['email'], ENT_QUOTES);
		$pword = htmlentities($_POST['pword'], ENT_QUOTES);
		$confirm_pword = htmlentities($_POST['confirm_pword'], ENT_QUOTES);
		$found = false;
			
		//checkes to see if the confirmation password and the password match, 
		//if they do not match this displays an error message
     	if($confirm_pword !== $pword)
      	{
			$_SESSION['message'] = "<span style='color: red; font-weight: bold;'>Passwords do not match.</span>";
        	header('Location: ../registration_form.php');
		}
		else
		{
			//defines the file location
			$members_file = '../user_data/username_database.txt';
			//open's the file to allow us to read and write to it
			$file = fopen($members_file, 'a+');
	
			//if the file is empty, write to it
			if(filesize($members_file) === 0)
			{
				fwrite($file, "$username | $pword | $email");

				$_SESSION['message'] = "<span style='color:green; font-weight:bold;'>Registration complete. Login to enter members area.</span>";
				header('Location: ../index.php');
			}
			else
		  	{
				/*
				can't allow duplicate usernames so check's if the entered username has aleady 
		    	been taken.
		    	rewind the pointer to the top of the file - this is because we opened the file to append 
		    	so the pointer is currently at the end of the file
				*/
				
				rewind($file);

			   	//now we loop through the file to see if there is a matching username in the file
	       		while (!feof($file))
          		{
		        	//we go through the file line by line
            		$line = fgets($file);
            		$temp = explode(' | ', $line);
					
					//if a duplicate username is found this sets $found to true,
					//breaking out of the while loop
            		if($temp[0] == $username)
	    			{
						$found = true;
						break;
					}
	        	}
	        			
	        	//if the username is unique, this writes the data to file
				if(!$found)
				{
					//add the contents to the file
					fwrite($file, "\r\n$username | $pword | $email");
						
					//closes the file
					fclose($file);
				
					$_SESSION['message'] = "<span style='color:green; font-weight:bold;'>Registration complete. Login to enter members area.</span>";
					header('Location: ../index.php');
				}
				else
		  		{
					//displays an error message if username already exists
					$_SESSION['message'] = "<span style='color: red; font-weight: bold;'>Username already taken. Choose another one.</span>";
        			header('Location: ../registration_form.php');
      			} 
			}                              
		}      	
	}
	else 
	{
		//displays an error message if not all field have been filled in the form
		$_SESSION['message'] = "<span style='color: red; font-weight: bold;'>Not all field have been filled.</span>";
		header('Location: ../registration_form.php');
	}
?>